New guidance from the Counter Ransomware Initiative (CRI) urges organizations to sharpen their cyber hygiene and risk-assessment practices across supply chains to reduce the impact of ransomware attacks. The guidance emphasizes raising awareness of ransomware threats throughout the supply-chain ecosystem, promoting stronger hygiene among suppliers and partners, and embedding supply-chain vulnerabilities into risk assessments and procurement decisions.

The document highlights how threat actors increasingly exploit suppliers or service providers to gain upstream or downstream access, thereby amplifying a single compromise into broad operational impact. It advises organizations to take a stepped approach: identify key supply-chain partners, assess their access levels and security postures, develop a targeted resilience strategy, and then continuously review and refine those measures over time.

‍

Source: https://industrialcyber.co/supply-chain-security/new-cri-guidance-calls-on-organizations-to-tighten-cyber-hygiene-risk-assessments-across-supply-chains/